I use the font and colour setup in my .profile, with case "$(tty)" in ( /dev/tty* ) ... ;; esac so that I can customize every tty I log into, regardless if at home or at the university (no root needed, fonts embedded on dotfiles).

I did not know about ralt as a compose key! That will make TTY a viable option again, great!

Looks like the answer is yes and no. Pacman is apparently able to do PGP package checks but the default is:

SigLevel = Optional TrustedOnly

which translates to:

Optional:

If set to Optional , signatures will be checked when present, but unsigned databases and packages will also be accepted.

TrustedOnly:

TrustedOnly (default)
If a signature is checked, it must be in the keyring and fully trusted; marginal trust does not meet this criteria.

So if you are installing a signed package the signature will be checked but an unsigned package will just get accepted blindly. Guess it’s a better check for corrupted downloads than md5 checksums but that’s not really any additional security.